Brute force alphanumeric password using JohnTheRipper

lowercase + numbers

Incremental actually has a predefined mode for lowercase + numbers:

File = $JOHN/lowernum.chr
MinLen = 1
MaxLen = 13
CharCount = 36

From the documentation:

"LowerNum" (lowercase letters plus digits, for 36 total)

Just adjust MinLen and MaxLen.

Create new incremental mode with certain characters

If you want to create your own chr file with a customized set of characters, you would do it like this:

john --pot=YOUR.pot --make-charset=YOUR_NEW_FILE.chr --external=filter_lowernum

filter_lowernum is the filter which determines what characters will be in your chr file. It is defined in your john.conf (under [List.External:Filter_LowerNum]), and you can create your own filters there as well. The code for LowerNum looks like this:

void filter()
    int i, c;

    i = 0;
    while (c = word[i++])
    if (((c < 'a' || c > 'z') && (c < '0' || c > '9')) || i > 13) {
        word = 0; return;

Then just add the incremental filter to your config.

you can run following python code to do this

import zipfile,sys,time
import itertools
def extractFile(zFile, password):
        answer= zFile.extractall(pwd=password)
        print 'Fount password : ', password
        return True
        #print password + " was incorrect"
        return False
def main(ifile):
    zFile = zipfile.ZipFile(ifile)
    pass_str = "abcdebcdefghijklmnopqrstuvwxyz0123456789"
    for pass_len in range(1,5):
        passwords = itertools.permutations(pass_str,pass_len)
        for password in passwords:
            #print password
            password = ''.join(password)
            sys.stdout.write("\r checking .. %s" % password )

            if (extractFile(zFile, password)):
                print "checked  "+password+"  ..."

if __name__ == '__main__':
        ifile = sys.argv[1]
        print "please run like  'python'"

this program dont need any external library. its pure python. just run llke